Posted on: February 27, 2013in Blog
Guide to Litigation Readiness: How to Create a Defensible Plan
Part of the buzz at #ILTACON 2016 was how much legal work is moving in-house from outside counsel. Companies that have occasional or even frequent risk of litigation can easily outsource their work. But many companies are seeing increasing need to respond to government inquiries and to conduct their own internal investigations. Once those needs are assessed as a whole, it makes financial and operational sense to have at least some litigation capability in house. Any such assessment has to have a focus on Litigation Response Planning.
Create a Litigation Readiness Plan
Litigation readiness planning (or litigation response) informs the organization how to respond once there is a reasonable expectation of litigation. You cannot be without a plan. Even if your litigation risk is minimal or you believe that changes in Federal Rules of Evidence give you some breathing room against sanctions for loss of ESI (electronically stored information), there are many reasons to have a plan that has documentation, staffing, training and funding.
Litigation readiness planning is just the beginning, but what happens when there is a duty to preserve? Download this On-Demand webinar to learn how to keep the cost of preservation proportional to litigation while managing the risks of spoliation.
With a plan, you have a better chance of being able to litigate or settle based on merits. Without a plan, you run the risk of increased case costs, increased intrusion on your business clients, lost data, lost time, and lost tactical advantage with an opponent in a dispute.
Tip: Even if you think your company is “too small”, having a litigation response plan makes you more attractive to investors and acquirers, simply because you present them with less risk.
Here are some steps to get you started with creating your litigation readiness plan:
1. Identify the Legal Hold Triggers
Most litigators understand a preservation hold to be required when there is a “reasonable anticipation of litigation”. Those circumstances vary according to situations and even among companies. One assignment I took with a multinational corporation revealed a historically very small litigation docket and a very high tolerance for “anticipation”. A company that is a heavy litigation target may be much more mechanical in defining its triggers for “anticipating litigation” and implementing a legal hold.
We hear a lot of lawyers say, “Well, I know it when I see it”. Using that as the threshold does the client a disservice. Defining trigger events also can protect the client from the instances when the the decision not to preserve is made, because there is a specific protocol in place for when and if data preservation should begin. It gives up all of those situations in which you may actively want to decide that you are not in anticipation of litigation. If you document what constitutes an anticipation of litigation, you can carve out considerable room to manage routine disputes and even demand letters without unnecessary cost or risk.
You define your triggers by your perspective and historical need. For example:
- When you make a decision to file
- When it is clear that settling a demand is no longer possible
- When there is an incident of a type that matches a litigation trigger in the company’s recent past.
You may want to expand your list of triggers into needs for regulatory responses, internal compliance investigations, and even internal security and HR investigations. Expanding the scope may let you use the workflow and resources for a variety of risk-management tasks.
Tip: If you define your triggers and you document their occurrence, you have some protection against an opponent who says you should have preserved months earlier. If you have no plan and no history of using it, and you just “call it when you see it”, you have no reasonable protection.
2. Include Your Colleagues in Litigation Readiness Planning
The design, budget and implementation of a litigation response plan should include a lot more stakeholders than law department staff (if you have one) and trusted outside counsel. Here is how other constituencies can contribute:
Human Resources has a considerable stake in managing disputes. Across all kinds of corporate entities, HR disputes by far outnumber all others combined. Individually, they are inordinately expensive to litigate. Defining thresholds for certain dispute resolution workflows and preservation triggers help to hold down the costs of HR disputes. Knowing how you can quickly lay hands on the data or files makes eDiscovery costs more predictable, and tell you early whether to settle early or hold firm can be worth a fortune of savings in litigation budgets and payments.
Regulatory Compliance personnel typically have close connections with both the law department or outside counsel and also key internal operations. They keep track of regulated activities, prepare reports to the agencies, and keep records of regulatory submissions. All of these activities come into play in a litigation response plan, because these reports and submissions become a publicly-accessible road map to how your company operates. Further, when you have a need for an “unscheduled” regulatory response, you can use the same litigation response plan to identify, preserve, collect, and evaluate the data you need for your response.
Information Technology (IT)
IT maintains and effectively owns the organizations critical information systems. These are the sources of volatile computer information that needs to be preserved and which may otherwise easily disappear or be damaged.
It is a mistake to assume that IT can respond to a fire drill without a litigation response plan. They may reasonably not know what you want to do, how you want to do it, or even have the necessary time, tools or experience. All of these need to be defined, budgeted, and trained within the litigation response plan.
The biggest unnecessary risks and costs we see are when IT:
- Copies, collects or sends large volumes of data to counsel in a rush or “just to be safe” and
- When counsel assumes IT has a copy or search capability that it in fact does not have
Included and well prepared, IT or an eDiscovery consultant, can assist with the “data map” that helps you identify your critical sources of ESI. They can help target critical information which otherwise be subject to over-collection or be left to time-consuming analysis by business clients. They can assist with identifying sources of ESI that business clients may overlook: departed employees, mobile devices, cloud resources, databases, and legacy systems.
IT Strategic Planning
IT Strategic Planning plays an important role in litigation response planning. To the extent that IT is planning new systems or even a move to or from the cloud, the legal team needs to be aware so that its litigation response plan is not obsolete when completed.
Records Information Management
Records Information Management (RIM) informs the creation, and the receipt can tell you where the paper documents are stored for particular employees and corporate efforts. They can tell you what was kept or not contemporaneous with the events, and by what retention schedules the documents and data are kept. The company should ensure that they have a records information management policy in place, with specific corporate document retention policies.
3. Assess Current Needs and Budget
How you build your litigation response plan is driven by your current needs, as well as your past and prospective history with respect to litigation and investigations. You must also consider your budget for staffing, software, training, infrastructure and support.
Every organization’s litigation response plan looks a little different. Look at your own needs and do your own homework or get some outside with information governance consultanting help to analyze what components you have and need, and what could be a growth trajectory to develop greater capability over time. Don’t even think about trying to copy someone else’s plan or ‘template”. There is no one size fits all.
4. Leverage Your Resources for Critical Workflows
A litigation response plan contains more than just your procedures for putting out legal hold notice.
Ensure that you have the resources to handle these critical workflow components:
- Document your sources of disputes and investigations
- Define your triggers for implementing a hold
- Draft and vet a litigation hold notice
- Transmit the hold to appropriate individuals, including IT
- Track acknowledgments and field questions
- Interview potential data custodians and necessary IT staff
- Preserve ESI subject to litigation hold
- Obtain buy-in and supervision, if necessary, from outside counsel
- Periodically remind custodians of the hold
- Audit compliance
- Release the hold
You have an array of resources to select and capabilities to engage. Who inside the company will be the owner of this process? Will you use outside or cloud or internal services? What software tools are available?
Additional Workflow Considerations
Your workflow should include the capabilities listed above. Are you looking for software solutions just to manage the notice and tracking? Will it connect with your employee roster or Active Directory? How much tracking, search and reporting do you need among individuals or across cases? There are software applications that can both track your custodians and track the ESI that is subject to hold. Do you have the appetite for that extensive an implementation? Do you have the IT or other human resources to staff that effort?
Email is a favorite source of ESI for litigation and investigations. Do you have a corporate email retention policy? Is your email stored in the cloud or on premises? Do you have an Office 365 implementation that may have some litigation hold capabilities built in?
What are other sources of ESI that you need to consider? Do you have a conceptual “data map” that identifies sources, locations and owners of various kinds of ESI in the organization? Consider document management systems:
- Personal network folders
- Shared folders
- Removable media
- Mobile devices
- Cloud storage
- Accounting and finance systems
- Software and other code version control systems
- Engineering systems
- ERP (enterprise resource planning)
How will you put ESI owners on notice and what are your choices for preservation and collection?
5. Document Your Litigation Readiness Process
Documented – Predictable – Standardized – Repeatable and Repeated
These adjectives are used in most of the treatises and case decisions that discuss preservation and the “defensibility” of a litigation response plan. These are, not strangely, many of the key principles you may have studied if you are a professional project manager and the same concept applies to eDiscovery project management.
A solution that yields predictable results is one that is repeatable and, in fact, repeated. It tends to be so because it is documented, and because its practice and repetition are standardized. A predictable result is defensible because in its design and execution it reasonably takes into account all of the contingencies for which it was designed, so that variants are truly exceptions.
You want a plan that your team will use, invariably. You want to document it and train on it, and to document its use each time you use it. If there are the occasional errors or oversights, you can readily document the variation as an exceptional circumstance. This is the kind of defensibility you want for your litigation response plan.
6. Use the Documented Policy
Nothing creates risk like a documented policy that you don’t actually use. Think what would happen in employment litigation if the HR director said, “Oh yes, that’s our policy but we don’t actually do that.” Or if the records manager says, “Yes, this is our data preservation policy but most people ignore that”. Or if the IT manager says, “Here is our policy for managing and deleting backups, but in practice, we actually keep all the monthly and annual backup tapes just in case.”
So implement a plan that will be beneficial to your organization so it's easily followed up on. If you find that you have documentation and are not using it, you need either to retrain or to re-think and re-craft your plan. Remember: Documented – Predictable –Standardized – Repeatable and Repeated.
Don't Delay on Litigation Readiness Planning
Remember this: If you’ve had it on your to-do list to get or refresh your litigation readiness plan, don’t delay. You don’t need to plan and develop a comprehensive workflow all at once. There is no one size fits. It is more important to have a litigation response plan that you document, that you can execute on, and that you actually use and monitor to get important information to your business clients, and to make sure you have a litigation hold in place. Once you have that accomplished, you can build on those features based on your budget, staffing, software choices, infrastructure and training capabilities.
- Having a Solid Litigation Response Plan May Prevent Sanctions
- 5 Document Management Best Practices for Beginners
- Why Reduced Preservation Sanctions Still Leave No Time to Relax
- 5 Cases that Highlight the Challenges of Mobile Device Preservation
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted July 13, 2017
How to Use Office 365 and X1 Discovery to Achieve Your Team's eDiscovery Goals [Webinar]
Posted July 12, 2017
Microsoft Office 365 is Disrupting the eDiscovery Industry in a Major and Permanent Fashion
Posted July 06, 2017
China's Cybersecurity Strategy: 5 Updates You Need to Know
Posted July 05, 2017
3 Workflows to Enhance Your Document Review Process
Posted June 28, 2017
Should you be using TAR? Judge Peck recommends you do
Posted June 21, 2017
Control Litigation Costs by Making the Most of Your Internal Capabilities
Posted June 15, 2017
Shanghai OSAC Quarterly Meeting
Posted June 15, 2017
5 Ways to Reduce eDiscovery Costs Before and During Litigation
Posted June 07, 2017
Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data
Posted May 31, 2017
How Does the EU-US Privacy Shield Affect Cross-Border Discovery?